No description available.
tid
Timestamp-based ID
Properties
acceptedExchanges
array
of
string
did
Optional
Exchange DIDs allowed to settle this job. MUST be non-empty in practice; the named paymentAuthorization MUST cover one of these.
maxLength: 16 itemsacceptedProviders
array
of
string
did
Optional
Specific provider DIDs allowed to serve this job. Empty/absent means any provider that meets acceptedTrustLevel.
maxLength: 64 itemsacceptedTrustLevel
ref
dev.cocore.compute.defs#trustLevel
Required
Minimum trust level the requester will accept from a provider serving this job.
createdAt
string
datetime
Required
An RFC 3339 formatted timestamp.
expiresAt
string
datetime
Required
Provider must complete by this time. Receipts whose completedAt > expiresAt are invalid.
inputCipherURL
string
uri
Optional
Optional URL where the encrypted prompt blob can be fetched. May be a PDS blob (at://...) or any other content-addressed URL. The commitment is what matters; this is a convenience pointer.
inputCommitment
string
Required
SHA-256 hex over the SEALED input plaintext bytes the provider decrypts — i.e. the exact bytes both the requester (before sealing) and the provider (after opening) hash, so it is self-consistent without either side parsing the payload. The plaintext is never on-chain. The byte layout is described by `inputFormat`: absent/`text` means the bytes are the raw prompt string; `messages-v1` means they are the UTF-8 of the canonical multimodal envelope (see `inputFormat`).
maxLength: 64 bytesminLength: 64 bytesinputFormat
string
Optional
How to interpret the sealed input bytes that `inputCommitment` covers. Absent (legacy) or `text`: the bytes are the raw prompt string. `messages-v1`: the bytes are the UTF-8 of a canonical-JSON multimodal envelope { v: 1, messages: [ { role, content } ] }, where `content` is either a string or an array of parts — { type: "text", text } and { type: "image", mime, data } with `data` base64-encoded image bytes inline. A verifier reconstructs the same canonical bytes to recompute `inputCommitment`. Additive: providers that don't understand a format reject the job rather than mis-serving it.
text, messages-v1maxTokensOut
integer
Required
No description available.
minimum: 1maximum: 2000000model
string
Required
Opaque model identifier the requester wants the provider to honor.
maxLength: 256 bytesnonce
string
Required
16 random bytes, hex-encoded. Replay protection.
maxLength: 32 bytesminLength: 32 bytespaymentAuthorization
ref
com.atproto.repo.strongRef
Required
Strong-ref to a dev.cocore.compute.paymentAuthorization record in the same repo, naming an exchange and a ceiling >= this job's priceCeiling.
priceCeiling
ref
dev.cocore.compute.defs#money
Required
Maximum price the requester will accept for this job. The provider's receipt MUST list a price <= this ceiling, else the receipt is invalid.
View raw schema
{
"key": "tid",
"type": "record",
"record": {
"type": "object",
"required": [
"model",
"inputCommitment",
"maxTokensOut",
"priceCeiling",
"acceptedTrustLevel",
"paymentAuthorization",
"nonce",
"expiresAt",
"createdAt"
],
"properties": {
"model": {
"type": "string",
"maxLength": 256,
"description": "Opaque model identifier the requester wants the provider to honor."
},
"nonce": {
"type": "string",
"maxLength": 32,
"minLength": 32,
"description": "16 random bytes, hex-encoded. Replay protection."
},
"createdAt": {
"type": "string",
"format": "datetime"
},
"expiresAt": {
"type": "string",
"format": "datetime",
"description": "Provider must complete by this time. Receipts whose completedAt > expiresAt are invalid."
},
"inputFormat": {
"type": "string",
"description": "How to interpret the sealed input bytes that `inputCommitment` covers. Absent (legacy) or `text`: the bytes are the raw prompt string. `messages-v1`: the bytes are the UTF-8 of a canonical-JSON multimodal envelope { v: 1, messages: [ { role, content } ] }, where `content` is either a string or an array of parts — { type: \"text\", text } and { type: \"image\", mime, data } with `data` base64-encoded image bytes inline. A verifier reconstructs the same canonical bytes to recompute `inputCommitment`. Additive: providers that don't understand a format reject the job rather than mis-serving it.",
"knownValues": [
"text",
"messages-v1"
]
},
"maxTokensOut": {
"type": "integer",
"maximum": 2000000,
"minimum": 1
},
"priceCeiling": {
"ref": "dev.cocore.compute.defs#money",
"type": "ref",
"description": "Maximum price the requester will accept for this job. The provider's receipt MUST list a price <= this ceiling, else the receipt is invalid."
},
"inputCipherURL": {
"type": "string",
"format": "uri",
"description": "Optional URL where the encrypted prompt blob can be fetched. May be a PDS blob (at://...) or any other content-addressed URL. The commitment is what matters; this is a convenience pointer."
},
"inputCommitment": {
"type": "string",
"maxLength": 64,
"minLength": 64,
"description": "SHA-256 hex over the SEALED input plaintext bytes the provider decrypts — i.e. the exact bytes both the requester (before sealing) and the provider (after opening) hash, so it is self-consistent without either side parsing the payload. The plaintext is never on-chain. The byte layout is described by `inputFormat`: absent/`text` means the bytes are the raw prompt string; `messages-v1` means they are the UTF-8 of the canonical multimodal envelope (see `inputFormat`)."
},
"acceptedExchanges": {
"type": "array",
"items": {
"type": "string",
"format": "did"
},
"maxLength": 16,
"description": "Exchange DIDs allowed to settle this job. MUST be non-empty in practice; the named paymentAuthorization MUST cover one of these."
},
"acceptedProviders": {
"type": "array",
"items": {
"type": "string",
"format": "did"
},
"maxLength": 64,
"description": "Specific provider DIDs allowed to serve this job. Empty/absent means any provider that meets acceptedTrustLevel."
},
"acceptedTrustLevel": {
"ref": "dev.cocore.compute.defs#trustLevel",
"type": "ref",
"description": "Minimum trust level the requester will accept from a provider serving this job."
},
"paymentAuthorization": {
"ref": "com.atproto.repo.strongRef",
"type": "ref",
"description": "Strong-ref to a dev.cocore.compute.paymentAuthorization record in the same repo, naming an exchange and a ceiling >= this job's priceCeiling."
}
}
}
}